Lucene search

K
cve[email protected]CVE-2014-7280
HistoryOct 21, 2014 - 3:55 p.m.

CVE-2014-7280

2014-10-2115:55:07
CWE-79
web.nvd.nist.gov
28
vulnerability
xss
tenable nessus
web security
cve-2014-7280

5.7 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.007 Low

EPSS

Percentile

80.3%

Cross-site scripting (XSS) vulnerability in the Web UI before 2.3.4 Build #85 for Tenable Nessus 5.x allows remote web servers to inject arbitrary web script or HTML via the server header.

Affected configurations

NVD
Node
tenableweb_uiRange2.3.3
CPENameOperatorVersion
tenable:web_uitenable web uile2.3.3

5.7 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.007 Low

EPSS

Percentile

80.3%